diff options
Diffstat (limited to 'libraries/spongycastle/jce/src/main/java/javax/crypto/Cipher.java')
| -rw-r--r-- | libraries/spongycastle/jce/src/main/java/javax/crypto/Cipher.java | 1509 |
1 files changed, 0 insertions, 1509 deletions
diff --git a/libraries/spongycastle/jce/src/main/java/javax/crypto/Cipher.java b/libraries/spongycastle/jce/src/main/java/javax/crypto/Cipher.java deleted file mode 100644 index bf9fd3743..000000000 --- a/libraries/spongycastle/jce/src/main/java/javax/crypto/Cipher.java +++ /dev/null @@ -1,1509 +0,0 @@ -package javax.crypto; - -import java.util.StringTokenizer; -import java.security.Key; -import java.security.Provider; -import java.security.SecureRandom; -import java.security.AlgorithmParameters; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.security.InvalidAlgorithmParameterException; -import java.security.cert.Certificate; -import java.security.spec.AlgorithmParameterSpec; - -/** - * This class provides the functionality of a cryptographic cipher for - * encryption and decryption. It forms the core of the Java Cryptographic - * Extension (JCE) framework. - * <p> - * In order to create a Cipher object, the application calls the - * Cipher's <code>getInstance</code> method, and passes the name of the - * requested <i>transformation</i> to it. Optionally, the name of a provider - * may be specified. - * <p> - * A <i>transformation</i> is a string that describes the operation (or - * set of operations) to be performed on the given input, to produce some - * output. A transformation always includes the name of a cryptographic - * algorithm (e.g., <i>DES</i>), and may be followed by a feedback mode and - * padding scheme. - * - * <p> A transformation is of the form:<p> - * - * <ul> - * <li>"<i>algorithm/mode/padding</i>" or - * <p> - * <li>"<i>algorithm</i>" - * </ul> - * - * <P> (in the latter case, - * provider-specific default values for the mode and padding scheme are used). - * For example, the following is a valid transformation:<p> - * - * <pre> - * Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>"); - * </pre> - * <p> - * When requesting a block cipher in stream cipher mode (e.g., - * <code>DES</code> in <code>CFB</code> or <code>OFB</code> mode), the user may - * optionally specify the number of bits to be - * processed at a time, by appending this number to the mode name as shown in - * the "<i>DES/CFB8/NoPadding</i>" and "<i>DES/OFB32/PKCS5Padding</i>" - * transformations. If no such number is specified, a provider-specific default - * is used. (For example, the "SunJCE" provider uses a default of 64 bits.) - */ -public class Cipher -{ - static private final int UNINITIALIZED = 0; - - static public final int ENCRYPT_MODE = 1; - static public final int DECRYPT_MODE = 2; - static public final int WRAP_MODE = 3; - static public final int UNWRAP_MODE = 4; - - static public final int PUBLIC_KEY = 1; - static public final int PRIVATE_KEY = 2; - static public final int SECRET_KEY = 3; - - private CipherSpi cipherSpi; - private Provider provider; - private String transformation; - - private int mode = UNINITIALIZED; - - /** - * Creates a Cipher object. - * - * @param cipherSpi the delegate - * @param provider the provider - * @param transformation the transformation - */ - protected Cipher( - CipherSpi cipherSpi, - Provider provider, - String transformation) - { - this.cipherSpi = cipherSpi; - this.provider = provider; - this.transformation = transformation; - } - - /** - * Generates a <code>Cipher</code> object that implements the specified - * transformation. - * <p> - * If the default provider package supplies an implementation of the - * requested transformation, an instance of <code>Cipher</code> containing - * that implementation is returned. - * If the transformation is not available in the default provider package, - * other provider packages are searched. - * - * @param transformation the name of the transformation, e.g., <i>DES/CBC/PKCS5Padding</i>. - * See Appendix A in the Java Cryptography Extension API Specification & Reference - * for information about standard transformation names. - * - * @return a cipher that implements the requested transformation - * @exception NoSuchAlgorithmException if the specified transformation is not available in the default - * provider package or any of the other provider packages that were searched. - * @exception NoSuchPaddingException if <code>transformation</code> contains a padding scheme that is - * not available. - */ - public static final Cipher getInstance( - String transformation) - throws NoSuchAlgorithmException, NoSuchPaddingException - { - try - { - JCEUtil.Implementation imp = JCEUtil.getImplementation("Cipher", transformation, (String) null); - - if (imp != null) - { - return new Cipher((CipherSpi)imp.getEngine(), imp.getProvider(), transformation); - } - - // - // try the long way - // - StringTokenizer tok = new StringTokenizer(transformation, "/"); - String algorithm = tok.nextToken(); - - imp = JCEUtil.getImplementation("Cipher", algorithm, (String) null); - - if (imp == null) - { - throw new NoSuchAlgorithmException(transformation + " not found"); - } - - CipherSpi cipherSpi = (CipherSpi)imp.getEngine(); - - // - // make sure we don't get fooled by a "//" in the string - // - if (tok.hasMoreTokens() && !transformation.regionMatches(algorithm.length(), "//", 0, 2)) - { - cipherSpi.engineSetMode(tok.nextToken()); - } - - if (tok.hasMoreTokens()) - { - cipherSpi.engineSetPadding(tok.nextToken()); - } - - return new Cipher(cipherSpi, imp.getProvider(), transformation); - } - catch (NoSuchProviderException e) - { - throw new NoSuchAlgorithmException(transformation + " not found"); - } - } - - /** - * Creates a <code>Cipher</code> object that implements the specified - * transformation, as supplied by the specified provider. - * - * @param transformation the name of the transformation, e.g., <i>DES/CBC/PKCS5Padding</i>. - * See Appendix A in the Java Cryptography Extension API Specification & Reference - * for information about standard transformation names. - * - * @param provider the provider - * @return a cipher that implements the requested transformation - * @exception NoSuchAlgorithmException if no transformation was specified, or if the specified - * transformation is not available from the specified provider. - * @exception NoSuchPaddingException if <code>transformation</code> contains a padding scheme - * that is not available. - */ - public static final Cipher getInstance( - String transformation, - Provider provider) - throws NoSuchAlgorithmException, NoSuchPaddingException - { - if (transformation == null) - { - throw new IllegalArgumentException("No transformation specified for Cipher.getInstance()"); - } - - JCEUtil.Implementation imp = JCEUtil.getImplementation("Cipher", transformation, provider); - - if (imp != null) - { - return new Cipher((CipherSpi)imp.getEngine(), imp.getProvider(), transformation); - } - - // - // try the long way - // - StringTokenizer tok = new StringTokenizer(transformation, "/"); - String algorithm = tok.nextToken(); - - imp = JCEUtil.getImplementation("Cipher", algorithm, provider); - - if (imp == null) - { - throw new NoSuchAlgorithmException(transformation + " not found"); - } - - CipherSpi cipherSpi = (CipherSpi)imp.getEngine(); - - // - // make sure we don't get fooled by a "//" in the string - // - if (tok.hasMoreTokens() && !transformation.regionMatches(algorithm.length(), "//", 0, 2)) - { - cipherSpi.engineSetMode(tok.nextToken()); - } - - if (tok.hasMoreTokens()) - { - cipherSpi.engineSetPadding(tok.nextToken()); - } - - return new Cipher(cipherSpi, imp.getProvider(), transformation); - } - - /** - * Creates a <code>Cipher</code> object that implements the specified - * transformation, as supplied by the specified provider. - * - * @param transformation the name of the transformation, e.g., <i>DES/CBC/PKCS5Padding</i>. - * See Appendix A in the Java Cryptography Extension API Specification & Reference - * for information about standard transformation names. - * - * @param provider the name of the provider - * @return a cipher that implements the requested transformation - * @exception NoSuchAlgorithmException if no transformation was specified, or if the specified - * transformation is not available from the specified provider. - * @exception NoSuchProviderException if the specified provider has not been configured. - * @exception NoSuchPaddingException if <code>transformation</code> contains a padding scheme - * that is not available. - */ - public static final Cipher getInstance( - String transformation, - String provider) - throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException - { - if (transformation == null) - { - throw new IllegalArgumentException("No transformation specified for Cipher.getInstance()"); - } - - JCEUtil.Implementation imp = JCEUtil.getImplementation("Cipher", transformation, provider); - - if (imp != null) - { - return new Cipher((CipherSpi)imp.getEngine(), imp.getProvider(), transformation); - } - - // - // try the long way - // - StringTokenizer tok = new StringTokenizer(transformation, "/"); - String algorithm = tok.nextToken(); - - imp = JCEUtil.getImplementation("Cipher", algorithm, provider); - - if (imp == null) - { - throw new NoSuchAlgorithmException(transformation + " not found"); - } - - CipherSpi cipherSpi = (CipherSpi)imp.getEngine(); - - // - // make sure we don't get fooled by a "//" in the string - // - if (tok.hasMoreTokens() && !transformation.regionMatches(algorithm.length(), "//", 0, 2)) - { - cipherSpi.engineSetMode(tok.nextToken()); - } - - if (tok.hasMoreTokens()) - { - cipherSpi.engineSetPadding(tok.nextToken()); - } - - return new Cipher(cipherSpi, imp.getProvider(), transformation); - } - - /** - * Returns the provider of this <code>Cipher</code> object. - * - * @return the provider of this <code>Cipher</code> object - */ - public final Provider getProvider() - { - return provider; - } - - /** - * Returns the algorithm name of this <code>Cipher</code> object. - * <p> - * This is the same name that was specified in one of the - * <code>getInstance</code> calls that created this <code>Cipher</code> - * object.. - * - * @return the algorithm name of this <code>Cipher</code> object. - */ - public final String getAlgorithm() - { - return transformation; - } - - /** - * Returns the block size (in bytes). - * - * @return the block size (in bytes), or 0 if the underlying algorithm is not a block cipher - */ - public final int getBlockSize() - { - return cipherSpi.engineGetBlockSize(); - } - - /** - * Returns the length in bytes that an output buffer would need to be in - * order to hold the result of the next <code>update</code> or - * <code>doFinal</code> operation, given the input length <code>inputLen</code> (in bytes). - * <p> - * This call takes into account any unprocessed (buffered) data from a - * previous <code>update</code> call, and padding. - * <p> - * The actual output length of the next <code>update</code> or - * <code>doFinal</code> call may be smaller than the length returned by - * this method. - * - * @param inputLen the input length (in bytes) - * @return the required output buffer size (in bytes) - * @exception java.lang.IllegalStateException if this cipher is in a wrong state (e.g., has not - * yet been initialized) - */ - public final int getOutputSize( - int inputLen) - throws IllegalStateException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - return cipherSpi.engineGetOutputSize(inputLen); - } - - /** - * Returns the initialization vector (IV) in a new buffer. - * <p> - * This is useful in the case where a random IV was created, - * or in the context of password-based encryption or decryption, where the IV - * is derived from a user-supplied password. - * - * @return the initialization vector in a new buffer, or null if the - * underlying algorithm does not use an IV, or if the IV has not yet been set. - */ - public final byte[] getIV() - { - return cipherSpi.engineGetIV(); - } - - /** - * Returns the parameters used with this cipher. - * <p> - * The returned parameters may be the same that were used to initialize - * this cipher, or may contain a combination of default and random - * parameter values used by the underlying cipher implementation if this - * cipher requires algorithm parameters but was not initialized with any. - * - * @return the parameters used with this cipher, or null if this cipher - * does not use any parameters. - */ - public final AlgorithmParameters getParameters() - { - return cipherSpi.engineGetParameters(); - } - - /** - * Returns the exemption mechanism object used with this cipher. - * - * @return the exemption mechanism object used with this cipher, or - * null if this cipher does not use any exemption mechanism. - */ - public final ExemptionMechanism getExemptionMechanism() - { - return null; - } - - /** - * Initializes this cipher with a key. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters that cannot be - * derived from the given <code>key</code>, the underlying cipher - * implementation is supposed to generate the required parameters itself - * (using provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidKeyException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them using the <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html"> - * <code>SecureRandom</code></a> implementation of the highest-priority - * installed provider as the source of randomness. - * (If none of the installed providers supply an implementation of - * SecureRandom, a system-provided source of randomness will be used.) - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the following: - * <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, - * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) - * @param key the key - * @exception InvalidKeyException if the given key is inappropriate for - * initializing this cipher, or if this cipher is being initialized for - * decryption and requires algorithm parameters that cannot be - * determined from the given key, or if the given key has a keysize that - * exceeds the maximum allowable keysize (as determined from the - * configured jurisdiction policy files). Note: Jurisdiction files are ignored - * in this implementation. - */ - public final void init( - int opmode, - Key key) - throws InvalidKeyException - { - cipherSpi.engineInit(opmode, key, new SecureRandom()); - mode = opmode; - } - - /** - * Initializes this cipher with a key and a source of randomness. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters that cannot be - * derived from the given <code>key</code>, the underlying cipher - * implementation is supposed to generate the required parameters itself - * (using provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidKeyException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#engineGetParameters()">engineGetParameters</a> or - * <a href = "#engineGetIV()">engineGetIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them from <code>random</code>. - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, - * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) - * @param key the encryption key - * @param random the source of randomness - * @exception InvalidKeyException if the given key is inappropriate for - * initializing this cipher, or if this cipher is being initialized for - * decryption and requires algorithm parameters that cannot be - * determined from the given key, or if the given key has a keysize that - * exceeds the maximum allowable keysize (as determined from the - * configured jurisdiction policy files). Note: Jurisdiction files are ignored - * in this implementation. - */ - public final void init( - int opmode, - Key key, - SecureRandom random) - throws InvalidKeyException - { - cipherSpi.engineInit(opmode, key, random); - mode = opmode; - } - - /** - * Initializes this cipher with a key and a set of algorithm parameters. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters and - * <code>params</code> is null, the underlying cipher implementation is - * supposed to generate the required parameters itself (using - * provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidAlgorithmParameterException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them using the - * <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html"> - * <code>SecureRandom</code></a> implementation of the highest-priority - * installed provider as the source of randomness. - * (If none of the installed providers supply an implementation of - * SecureRandom, a system-provided source of randomness will be used.) - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, <code>WRAP_MODE</code> - * or <code>UNWRAP_MODE</code>) - * @param key the encryption key - * @param params the algorithm parameters - * @exception InvalidKeyException if the given key is inappropriate for initializing this - * cipher, or its keysize exceeds the maximum allowable keysize (as determined from the - * configured jurisdiction policy files). - * @exception InvalidAlgorithmParameterException if the given algorithm parameters are - * inappropriate for this cipher, or this cipher is being initialized for decryption and - * requires algorithm parameters and <code>params</code> is null, or the given algorithm - * parameters imply a cryptographic strength that would exceed the legal limits (as determined - * from the configured jurisdiction policy files). Note: Jurisdiction files are ignored - * in this implementation. - */ - public final void init( - int opmode, - Key key, - AlgorithmParameterSpec params) - throws InvalidKeyException, InvalidAlgorithmParameterException - { - cipherSpi.engineInit(opmode, key, params, new SecureRandom()); - mode = opmode; - } - - /** - * Initializes this cipher with a key, a set of algorithm - * parameters, and a source of randomness. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters and - * <code>params</code> is null, the underlying cipher implementation is - * supposed to generate the required parameters itself (using - * provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidAlgorithmParameterException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them from <code>random</code>. - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, - * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) - * @param key the encryption key - * @param params the algorithm parameters - * @param random the source of randomness - * @exception InvalidKeyException if the given key is inappropriate for - * initializing this cipher, or its keysize exceeds the maximum allowable - * keysize (as determined from the configured jurisdiction policy files). - * @exception InvalidAlgorithmParameterException if the given algorithm - * parameters are inappropriate for this cipher, - * or this cipher is being initialized for decryption and requires - * algorithm parameters and <code>params</code> is null, or the given - * algorithm parameters imply a cryptographic strength that would exceed - * the legal limits (as determined from the configured jurisdiction - * policy files). - * Note: Jurisdiction files are ignored in this implementation. - */ - public final void init( - int opmode, - Key key, - AlgorithmParameterSpec params, - SecureRandom random) - throws InvalidKeyException, InvalidAlgorithmParameterException - { - cipherSpi.engineInit(opmode, key, params, random); - mode = opmode; - } - - /** - * Initializes this cipher with a key and a set of algorithm - * parameters. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters and - * <code>params</code> is null, the underlying cipher implementation is - * supposed to generate the required parameters itself (using - * provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidAlgorithmParameterException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them using the - * <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html"> - * <code>SecureRandom</code></a> implementation of the highest-priority - * installed provider as the source of randomness. - * (If none of the installed providers supply an implementation of - * SecureRandom, a system-provided source of randomness will be used.) - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, <code>WRAP_MODE</code> - * or <code>UNWRAP_MODE</code>) - * @param key the encryption key - * @param params the algorithm parameters - * @exception InvalidKeyException if the given key is inappropriate for - * initializing this cipher, or its keysize exceeds the maximum allowable - * keysize (as determined from the configured jurisdiction policy files). - * @exception InvalidAlgorithmParameterException if the given algorithm - * parameters are inappropriate for this cipher, - * or this cipher is being initialized for decryption and requires - * algorithm parameters and <code>params</code> is null, or the given - * algorithm parameters imply a cryptographic strength that would exceed - * the legal limits (as determined from the configured jurisdiction - * policy files). - * Note: Jurisdiction files are ignored in this implementation. - */ - public final void init( - int opmode, - Key key, - AlgorithmParameters params) - throws InvalidKeyException, InvalidAlgorithmParameterException - { - cipherSpi.engineInit(opmode, key, params, new SecureRandom()); - mode = opmode; - } - - /** - * Initializes this cipher with a key, a set of algorithm - * parameters, and a source of randomness. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If this cipher requires any algorithm parameters and - * <code>params</code> is null, the underlying cipher implementation is - * supposed to generate the required parameters itself (using - * provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidAlgorithmParameterException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them from <code>random</code>. - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, <code>WRAP_MODE</code> - * or <code>UNWRAP_MODE</code>) - * @param key the encryption key - * @param params the algorithm parameters - * @param random the source of randomness - * @exception InvalidKeyException if the given key is inappropriate for - * initializing this cipher, or its keysize exceeds the maximum allowable - * keysize (as determined from the configured jurisdiction policy files). - * @exception InvalidAlgorithmParameterException if the given algorithm - * parameters are inappropriate for this cipher, - * or this cipher is being initialized for decryption and requires - * algorithm parameters and <code>params</code> is null, or the given - * algorithm parameters imply a cryptographic strength that would exceed - * the legal limits (as determined from the configured jurisdiction - * policy files). - * Note: Jurisdiction files are ignored in this implementation. - */ - public final void init( - int opmode, - Key key, - AlgorithmParameters params, - SecureRandom random) - throws InvalidKeyException, InvalidAlgorithmParameterException - { - cipherSpi.engineInit(opmode, key, params, random); - mode = opmode; - } - - /** - * Initializes this cipher with the public key from the given certificate. - * <p> - * The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping or key unwrapping, depending - * on the value of <code>opmode</code>. - * <p> - * If the certificate is of type X.509 and has a <i>key usage</i> - * extension field marked as critical, and the value of the <i>key usage</i> - * extension field implies that the public key in - * the certificate and its corresponding private key are not - * supposed to be used for the operation represented by the value - * of <code>opmode</code>, - * an <code>InvalidKeyException</code> - * is thrown. - * <p> - * If this cipher requires any algorithm parameters that cannot be - * derived from the public key in the given certificate, the underlying - * cipher - * implementation is supposed to generate the required parameters itself - * (using provider-specific default or ramdom values) if it is being - * initialized for encryption or key wrapping, and raise an <code> - * InvalidKeyException</code> if it is being initialized for decryption or - * key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#getParameters()">getParameters</a> or - * <a href = "#getIV()">getIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them using the - * <a href="http://java.sun.com/products/jdk/1.2/docs/api/java.security.SecureRandom.html"> - * <code>SecureRandom</code></a> - * implementation of the highest-priority installed provider as the source of randomness. - * (If none of the installed providers supply an implementation of - * SecureRandom, a system-provided source of randomness will be used.) - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * @param opmode the operation mode of this cipher (this is one of the - * following: - * <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, - * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) - * @param certificate the certificate - * @exception InvalidKeyException if the public key in the given - * certificate is inappropriate for initializing this cipher, or this - * cipher is being initialized for decryption or unwrapping keys and - * requires algorithm parameters that cannot be determined from the - * public key in the given certificate, or the keysize of the public key - * in the given certificate has a keysize that exceeds the maximum - * allowable keysize (as determined by the configured jurisdiction policy - * files). - * Note: Jurisdiction files are ignored in this implementation. - */ - public final void init( - int opmode, - Certificate certificate) - throws InvalidKeyException - { - cipherSpi.engineInit(opmode, certificate.getPublicKey(), new SecureRandom()); - mode = opmode; - } - - /** - * Initializes this cipher with the public key from the given certificate - * and a source of randomness. - * <p>The cipher is initialized for one of the following four operations: - * encryption, decryption, key wrapping - * or key unwrapping, depending on - * the value of <code>opmode</code>. - * <p> - * If the certificate is of type X.509 and has a <i>key usage</i> - * extension field marked as critical, and the value of the <i>key usage</i> - * extension field implies that the public key in - * the certificate and its corresponding private key are not - * supposed to be used for the operation represented by the value of - * <code>opmode</code>, - * an <code>InvalidKeyException</code> - * is thrown. - * <p> - * If this cipher requires any algorithm parameters that cannot be - * derived from the public key in the given <code>certificate</code>, - * the underlying cipher - * implementation is supposed to generate the required parameters itself - * (using provider-specific default or random values) if it is being - * initialized for encryption or key wrapping, and raise an - * <code>InvalidKeyException</code> if it is being - * initialized for decryption or key unwrapping. - * The generated parameters can be retrieved using - * <a href = "#engineGetParameters()">engineGetParameters</a> or - * <a href = "#engineGetIV()">engineGetIV</a> (if the parameter is an IV). - * <p> - * If this cipher (including its underlying feedback or padding scheme) - * requires any random bytes (e.g., for parameter generation), it will get - * them from <code>random</code>. - * <p> - * Note that when a Cipher object is initialized, it loses all - * previously-acquired state. In other words, initializing a Cipher is - * equivalent to creating a new instance of that Cipher and initializing - * it. - * - * @param opmode the operation mode of this cipher (this is one of the - * following: <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, - * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) - * @param certificate the certificate - * @param random the source of randomness - * @exception InvalidKeyException if the public key in the given - * certificate is inappropriate for initializing this cipher, or this - * cipher is being initialized for decryption or unwrapping keys and - * requires algorithm parameters that cannot be determined from the - * public key in the given certificate, or the keysize of the public key - * in the given certificate has a keysize that exceeds the maximum - * allowable keysize (as determined by the configured jurisdiction policy - * files). - */ - public final void init( - int opmode, - Certificate certificate, - SecureRandom random) - throws InvalidKeyException - { - cipherSpi.engineInit(opmode, certificate.getPublicKey(), random); - mode = opmode; - } - - /** - * Continues a multiple-part encryption or decryption operation - * (depending on how this cipher was initialized), processing another data - * part. - * <p> - * The bytes in the <code>input</code> buffer are processed, and the - * result is stored in a new buffer. - * <p> - * If <code>input</code> has a length of zero, this method returns - * <code>null</code>. - * - * @param input the input buffer - * @return the new buffer with the result, or null if the underlying - * cipher is a block cipher and the input data is too short to result in a - * new block. - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - */ - public final byte[] update( - byte[] input) - throws IllegalStateException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input buffer"); - } - - if (input.length == 0) - { - return null; - } - - return cipherSpi.engineUpdate(input, 0, input.length); - } - - /** - * Continues a multiple-part encryption or decryption operation - * (depending on how this cipher was initialized), processing another data - * part. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, are processed, - * and the result is stored in a new buffer. - * <p> - * If <code>inputLen</code> is zero, this method returns - * <code>null</code>. - * - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input - * starts - * @param inputLen the input length - * @return the new buffer with the result, or null if the underlying - * cipher is a block cipher and the input data is too short to result in a - * new block. - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - */ - public final byte[] update( - byte[] input, - int inputOffset, - int inputLen) - throws IllegalStateException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - if (inputLen == 0) - { - return null; - } - - return cipherSpi.engineUpdate(input, inputOffset, inputLen); - } - - /** - * Continues a multiple-part encryption or decryption operation - * (depending on how this cipher was initialized), processing another data - * part. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, are processed, - * and the result is stored in the <code>output</code> buffer. - * <p> - * If the <code>output</code> buffer is too small to hold the result, - * a <code>ShortBufferException</code> is thrown. In this case, repeat this - * call with a larger output buffer. Use - * <a href = "#getOutputSize(int)">getOutputSize</a> to determine how big - * the output buffer should be. - * <p> - * If <code>inputLen</code> is zero, this method returns - * a length of zero. - * - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input starts - * @param inputLen the input length - * @param output the buffer for the result - * @return the number of bytes stored in <code>output</code> - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception ShortBufferException if the given output buffer is too small - * to hold the result - */ - public final int update( - byte[] input, - int inputOffset, - int inputLen, - byte[] output) - throws IllegalStateException, ShortBufferException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - if (output == null) - { - throw new IllegalArgumentException("Null output passed"); - } - - if (inputLen == 0) - { - return 0; - } - - return cipherSpi.engineUpdate(input, inputOffset, inputLen, output, 0); - } - - /** - * Continues a multiple-part encryption or decryption operation - * (depending on how this cipher was initialized), processing another data - * part. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, are processed, - * and the result is stored in the <code>output</code> buffer, starting at - * <code>outputOffset</code> inclusive. - * <p> - * If the <code>output</code> buffer is too small to hold the result, - * a <code>ShortBufferException</code> is thrown. In this case, repeat this - * call with a larger output buffer. Use - * <a href = "#getOutputSize(int)">getOutputSize</a> to determine how big - * the output buffer should be. - * <p> - * If <code>inputLen</code> is zero, this method returns - * a length of zero. - * - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input starts - * @param inputLen the input length - * @param output the buffer for the result - * @param outputOffset the offset in <code>output</code> where the result - * is stored - * @return the number of bytes stored in <code>output</code> - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception ShortBufferException if the given output buffer is too small - * to hold the result - */ - public final int update( - byte[] input, - int inputOffset, - int inputLen, - byte[] output, - int outputOffset) - throws IllegalStateException, ShortBufferException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - if (output == null) - { - throw new IllegalArgumentException("Null output passed"); - } - - if (outputOffset < 0 || outputOffset >= output.length) - { - throw new IllegalArgumentException("Bad outputOffset"); - } - - if (inputLen == 0) - { - return 0; - } - - return cipherSpi.engineUpdate(input, inputOffset, inputLen, output, outputOffset); - } - - /** - * Finishes a multiple-part encryption or decryption operation, depending - * on how this cipher was initialized. - * <p> - * Input data that may have been buffered during a previous - * <code>update</code> operation is processed, with padding (if requested) - * being applied. - * The result is stored in a new buffer. - * <p> - * A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * @return the new buffer with the result - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final byte[] doFinal() - throws java.lang.IllegalStateException, IllegalBlockSizeException, - BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - return cipherSpi.engineDoFinal(null, 0, 0); - } - - /** - * Finishes a multiple-part encryption or decryption operation, depending - * on how this cipher was initialized. - * <p> - * Input data that may have been buffered during a previous - * <code>update</code> operation is processed, with padding (if requested) - * being applied. - * The result is stored in the <code>output</code> buffer, starting at - * <code>outputOffset</code> inclusive. - * <p> - * If the <code>output</code> buffer is too small to hold the result, - * a <code>ShortBufferException</code> is thrown. In this case, repeat this - * call with a larger output buffer. Use - * <a href = "#getOutputSize(int)">getOutputSize</a> to determine how big - * the output buffer should be. - * <p> - * A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * - * @param output the buffer for the result - * @param outputOffset the offset in <code>output</code> where the result - * is stored - * @return the number of bytes stored in <code>output</code> - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception ShortBufferException if the given output buffer is too small - * to hold the result - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final int doFinal( - byte[] output, - int outputOffset) - throws IllegalStateException, IllegalBlockSizeException, - ShortBufferException, BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (output == null) - { - throw new IllegalArgumentException("Null output passed"); - } - - if (outputOffset < 0 || outputOffset >= output.length) - { - throw new IllegalArgumentException("Bad outputOffset"); - } - - return cipherSpi.engineDoFinal(null, 0, 0, output, outputOffset); - } - - /** - * Encrypts or decrypts data in a single-part operation, or finishes a - * multiple-part operation. The data is encrypted or decrypted, - * depending on how this cipher was initialized. - * <p> - * The bytes in the <code>input</code> buffer, and any input bytes that - * may have been buffered during a previous <code>update</code> operation, - * are processed, with padding (if requested) being applied. - * The result is stored in a new buffer. - * <p> - * A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * - * @param input the input buffer - * @return the new buffer with the result - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final byte[] doFinal( - byte[] input) - throws java.lang.IllegalStateException, IllegalBlockSizeException, BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - return cipherSpi.engineDoFinal(input, 0, input.length); - } - - /** - * Encrypts or decrypts data in a single-part operation, or finishes a - * multiple-part operation. The data is encrypted or decrypted, - * depending on how this cipher was initialized. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, and any input - * bytes that may have been buffered during a previous <code>update</code> - * operation, are processed, with padding (if requested) being applied. - * The result is stored in a new buffer. - * <p>A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input starts - * @param inputLen the input length - * @return the new buffer with the result - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final byte[] doFinal( - byte[] input, - int inputOffset, - int inputLen) - throws IllegalStateException, IllegalBlockSizeException, BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - return cipherSpi.engineDoFinal(input, inputOffset, inputLen); - } - - /** - * Encrypts or decrypts data in a single-part operation, or finishes a - * multiple-part operation. The data is encrypted or decrypted, - * depending on how this cipher was initialized. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, and any input - * bytes that may have been buffered during a previous <code>update</code> - * operation, are processed, with padding (if requested) being applied. - * The result is stored in the <code>output</code> buffer. - * <p> - * If the <code>output</code> buffer is too small to hold the result, - * a <code>ShortBufferException</code> is thrown. In this case, repeat this - * call with a larger output buffer. Use - * <a href = "#getOutputSize(int)">getOutputSize</a> to determine how big - * the output buffer should be. - * <p> - * A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input starts - * @param inputLen the input length - * @param output the buffer for the result - * @return the number of bytes stored in <code>output</code> - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception ShortBufferException if the given output buffer is too small - * to hold the result - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final int doFinal( - byte[] input, - int inputOffset, - int inputLen, - byte[] output) - throws IllegalStateException, ShortBufferException, - IllegalBlockSizeException, BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - if (output == null) - { - throw new IllegalArgumentException("Null output passed"); - } - - return cipherSpi.engineDoFinal(input, inputOffset, inputLen, output, 0); - } - - /** - * Encrypts or decrypts data in a single-part operation, or finishes a - * multiple-part operation. The data is encrypted or decrypted, - * depending on how this cipher was initialized. - * <p> - * The first <code>inputLen</code> bytes in the <code>input</code> - * buffer, starting at <code>inputOffset</code> inclusive, and any input - * bytes that may have been buffered during a previous - * <code>update</code> operation, are processed, with padding - * (if requested) being applied. - * The result is stored in the <code>output</code> buffer, starting at - * <code>outputOffset</code> inclusive. - * <p> - * If the <code>output</code> buffer is too small to hold the result, - * a <code>ShortBufferException</code> is thrown. In this case, repeat this - * call with a larger output buffer. Use - * <a href = "#getOutputSize(int)">getOutputSize</a> to determine how big - * the output buffer should be. - * <p> - * A call to this method resets this cipher object to the state - * it was in when previously initialized via a call to <code>init</code>. - * That is, the object is reset and available to encrypt or decrypt - * (depending on the operation mode that was specified in the call to - * <code>init</code>) more data. - * - * @param input the input buffer - * @param inputOffset the offset in <code>input</code> where the input starts - * @param inputLen the input length - * @param output the buffer for the result - * @param outputOffset the offset in <code>output</code> where the result is - * stored - * @return the number of bytes stored in <code>output</code> - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized) - * @exception IllegalBlockSizeException if this cipher is a block cipher, - * no padding has been requested (only in encryption mode), and the total - * input length of the data processed by this cipher is not a multiple of - * block size - * @exception ShortBufferException if the given output buffer is too small - * to hold the result - * @exception BadPaddingException if this cipher is in decryption mode, - * and (un)padding has been requested, but the decrypted data is not - * bounded by the appropriate padding bytes - */ - public final int doFinal( - byte[] input, - int inputOffset, - int inputLen, - byte[] output, - int outputOffset) - throws IllegalStateException, ShortBufferException, - IllegalBlockSizeException, BadPaddingException - { - if (mode != ENCRYPT_MODE && mode != DECRYPT_MODE) - { - throw new IllegalStateException("Cipher is uninitialised"); - } - - if (input == null) - { - throw new IllegalArgumentException("Null input passed"); - } - - if (inputLen < 0 || inputOffset < 0 - || inputLen > (input.length - inputOffset)) - { - throw new IllegalArgumentException("Bad inputOffset/inputLen"); - } - - if (output == null) - { - throw new IllegalArgumentException("Null output passed"); - } - - if (outputOffset < 0 || outputOffset >= output.length) - { - throw new IllegalArgumentException("Bad outputOffset"); - } - - return cipherSpi.engineDoFinal(input, inputOffset, inputLen, output, outputOffset); - } - - /** - * Wrap a key. - * - * @param key the key to be wrapped. - * @return the wrapped key. - * @exception IllegalStateException if this cipher is in a wrong state (e.g., has not - * been initialized). - * @exception IllegalBlockSizeException if this cipher is a block cipher, no padding - * has been requested, and the length of the encoding of the key to be wrapped is not a - * multiple of the block size. - * @exception <DD>java.security.InvalidKeyException - if it is impossible or unsafe to - * wrap the key with this cipher (e.g., a hardware protected key is being passed to a - * software-only cipher). - */ - public final byte[] wrap( - Key key) - throws IllegalStateException, IllegalBlockSizeException, InvalidKeyException - { - if (mode != WRAP_MODE) - { - throw new IllegalStateException("Cipher is not initialised for wrapping"); - } - - if (key == null) - { - throw new IllegalArgumentException("Null key passed"); - } - - return cipherSpi.engineWrap(key); - } - - /** - * Unwrap a previously wrapped key. - * - * @param wrappedKey the key to be unwrapped. - * @param wrappedKeyAlgorithm the algorithm associated with the wrapped key. - * @param wrappedKeyType the type of the wrapped key. This must be one of - * <code>SECRET_KEY</code>, <code>PRIVATE_KEY</code>, or <code>PUBLIC_KEY</code>. - * @return the unwrapped key. - * @exception IllegalStateException if this cipher is in a wrong state - * (e.g., has not been initialized). - * @exception InvalidKeyException if <code>wrappedKey</code> does not - * represent a wrapped key, or if the algorithm associated with the - * wrapped key is different from <code>wrappedKeyAlgorithm</code> - * and/or its key type is different from <code>wrappedKeyType</code>. - * @exception NoSuchAlgorithmException - if no installed providers - * can create keys for the <code>wrappedKeyAlgorithm</code>. - */ - public final Key unwrap( - byte[] wrappedKey, - String wrappedKeyAlgorithm, - int wrappedKeyType) - throws IllegalStateException, InvalidKeyException, NoSuchAlgorithmException - { - if (mode != UNWRAP_MODE) - { - throw new IllegalStateException("Cipher is not initialised for unwrapping"); - } - - if (wrappedKeyType != SECRET_KEY && wrappedKeyType != PUBLIC_KEY - && wrappedKeyType != PRIVATE_KEY) - { - throw new IllegalArgumentException("Invalid key type argument"); - } - - if (wrappedKey == null) - { - throw new IllegalArgumentException("Null wrappedKey passed"); - } - - if (wrappedKeyAlgorithm == null) - { - throw new IllegalArgumentException("Null wrappedKeyAlgorithm string passed"); - } - - return cipherSpi.engineUnwrap(wrappedKey, wrappedKeyAlgorithm, wrappedKeyType); - } -} |